17.06.2021, 23:54 UhrDeutsch | English
Hallo Gast [ Registrierung | Anmelden ]

Postfix Postfix mailserver configuration

To install postfix, do:

apt-get install postfix

Next, you will be guided thru a wizard.
Set it up the way you want, but don't worry: if you are not sure about settings, you can always run it again with

dpkg-reconfigure postfix

Because you also want to keep out SPAM, also install postgrey:

apt-get install postgrey

I'm not going to comment on the postgrey settings, as the defaults are fine. The only thing you might want to do, is to exclude certain mailservers from postgrey. Look in /etc/postgrey/ to whitelist servers.

Below is a basic setup for a mailserver with internet access.
All IP's are blanked out, just as hostnames, this is the file /etc/postfix/main.cf:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
delay_warning_time = 4h   <-Set this because it is a bit below standard, and I want an early warning

myhostname = mail.mydomain.com
mydomain = mydomain.com
alias_maps = hash:/etc/aliases
#alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = machinename.mydomain.com, localhost.mydomain.com, localhost, mydomain, mail.mydomain.com   <- I use mail.mydomain.com as standard mx record setting. You could also use smtp.mydomain.com (or anything else), but you also have to set that here then.

mynetworks = <external IP>

home_mailbox = Maildir/  <- use something without a "/" on the end here, if you use mailfiles and not folders!
#mailbox_command = procmail -a "$EXTENSION"
mailbox_command = /usr/bin/maildrop     <- this one is for mailfolders; for mailfiles, use the line outcommented above this one.

mailbox_size_limit = 0  <- set this if you want people to use only a limited size mailbox
recipient_delimiter = + 
inet_interfaces = all  <- could be only on a specific interface (i.e. eth0, lan0, net0)

smtpd_banner=$myhostname ESMTP $mail_name (MyCompanyname)
sendmail_path = /usr/sbin/sendmail.postfix

virtual_maps = hash:/etc/postfix/virtual   <- only if you use virtual domains; in that case don't forget to create a file "virtual"

smtpd_recipient_restrictions =  permit_mynetworks
                                                 check_policy_service inet:  <- the postgrey filter; automatically added by postgrey installation

# Defines who can send a message thru this server
smtpd_sender_restrictions =     permit_mynetworks

smtpd_client_restrictions =     permit_mynetworks

smptd_delay_reject = yes
smptd_helo_required = yes
smtpd_helo_restrictions =       check_helo_access hash:/etc/postfix/helo_access

End of the main.cf file.

#Most of the above settings are to make it harder for spam to get in. They are well documented on the internet, so I wont comment on them here. Only the helo thing: helo is sent by all servers; spammers sometimes also spoof this. If you see a pattern in your /var/log/mail.info in the helo of a spammer, just fill out that helo in /etc/postfix/helo_access, run

postmap /etc/postfix/helo_access

and your settings will be activated. Below is an example of a helo_access file:

G4SERVER                REJECT
hosting4u.co.kr         REJECT
kkqg                    REJECT
friend                  REJECT
localhost               REJECT
localhost.localdomain   REJECT
sina.com                REJECT

After changing your settings in main.cf, you need to restart postfix:

postfix reload

If you are having issues, the first thing to do is to look in /var/log/mail.info, /var/log/mail.warn , /var/log/mail.err. These files usually tell you what's wrong with your current setup.

When a setting you just changed, looks unchanged in postfix, look in /var/spool/postfix/etc. In this folder postfix keeps its config, as it is a chrooted service. Update settings here if needed.


On firewalls: Open port 25 for your mailserver
Check whether your ISP lets you use an e-mail server. A lot of ISP's closed off port 25 on their networks!
XML Revisions of $tag
Seiten-History :: Letzter Editor : HJH :: Eigentümer : HJH ::
Powered by pnWikka 1.0
Deutsch | English
Logos and trademarks are the property of their respective owners, comments are property of their posters, the rest is © 2004 - 2006 by Jörg Schirottke (Kano).
Consult Impressum and Legal Terms for details. Kanotix is Free Software released under the GNU/GPL license.
This CMS is powered by PostNuke, all themes used at this site are released under the GNU/GPL license. designed and hosted by w3you. Our web server is running on Kanotix64-2006.